Using encrypted disks

[Anne Wilson]

On Thursday 10 April 2008 10:56:16 pm Andrew Farris wrote:
> Anne Wilson wrote:
> >
> > df
> > Filesystem           1K-blocks      Used Available Use% Mounted on
> > /dev/mapper/VolGroup00-LogVol00
> >                      228486436   2424584 226061852   2% /
> > /dev/sda1               194442     20120    164283  11% /boot
> > tmpfs                  1037608         0   1037608   0% /dev/shm
> >
> > I definitely prefer a separate home, but I've not used LVM before, and I
> > can't recall what happened when I tried to do that.
>
> Ok so you do have the default partitioning scheme with a single / and
> /boot.  So you are being asked for your LUKS passphrase twice?  This may be
> because the LVM spans two disks, but thats just a guess because I'm not
> familiar with how that is handled.  When you have a single encrypted LVM on
> a single disk that does not happen.
>
> > Here's what I got from fdisk -l:
> >
<snip> 
> >
> > I don't really know how to read this.  Why are there 4 dm-devices?
>
> I'm not sure about why 4 show up, but they are created by udev for device
> mapper (the dm-) which does the software raid and in this case handles the
> encrypted lvm.  My system shows just two of them (dm-0 and dm-1), one for
> each encrypted partition (but I have no lvm).  My swap is not encrypted.
>
> Judging by the sizes of the dm-x devices, there is one for each of your
> 120Gb disks, one for the full 237Gb LVM (both disks), and one for your swap
> (probably encrypted and included inside the LVM on sdb?).
>
That sounds a likely explanation.  I took the default offered because I could 
not see how to make it do what I wanted.  I hate the lack of control, and it 
just isn't intuitive to find how to control the partitioning.  For that 
matter, I don't like LVM either.  I see no advantage to me.  The addition of 
encrypting as an option does seem good.  I wonder if it is possible to 
install and encrypt on a traditional partitioning scheme?

Anne